In the last few days articles highlighting cyber security breaches have been hitting the media. While these security threats are good to know about, it is also important to remember that the media can blow these threats out of proportion.
At Zeald, we have a team who constantly updates and improves our CMS. The sole aim of this is to ensure we provide our customers with the safest, strongest software available. This means that they are continuously looking at the security of our CMS, and applying patches.
In the latest article from the Sydney Morning Herald, they discuss the new website threat ‘Heartbleed’.
“…Google security engineer and some other researchers published information indicating they had discovered a serious flaw, dubbed "Heartbleed", in numerous but not all versions of the OpenSSL cryptographic software library, which is used to secure millions of websites.”
"This ... means that the little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit."
At Zeald, our R&D team had already applied a security patch to prevent our clients websites being affected. We have also ensured the front end servers which run this software don't have access to any private data as part of our server structure.
Closer to home, Stuff posted an article this morning about ransomware.
“...mid-last year, crypto-locker ransomware emerged which encrypts the files on victims' computers and gives them a deadline to pay up before the key to decrypt the files is destroyed.”
“Netsafe advises people to regularly back up their files and store them safely offline, which would reduce the likely impact of crypto-locker attacks.”
Anyone who wants to gain access to someones computer needs to be let in by the owner, usually via malware, which can come through via attachments & downloads. These most frequently come in through emails, or hacked open source websites which masquerade the infected files as legitimate downloads, using the hacked company's credibility to build trust with the user.
At Zeald, we have a filter which filters out most malware based emails for customers that use our email system. We also scan our web servers for any malware uploaded by clients to their websites which can happen if the clients computer is infected with viruses and malware.
For anyone interested in reading more on how to protect yourself on the internet, please read our article, ‘Online threats- is your website at risk’
In the meantime, here are a few quick tips on general internet security:
- Have a complicated password that is not guessed easily. It's best to have a mixture of letters, capitals, and numbers. Stay away from 'qwerty' or your date of birth.
- Change your passwords every now and again.
- Have different passwords- most people have one password for most of their accounts, this means that if someone gets one, they get them all!
- Do not open any email that looks like spam. If you receive an email from someone you never talk to with an odd subject line, avoid opening it as their email account may have been hacked.
- If you do open an email that seems like spam, do not download any attachments.
- Avoid clicking on any dodgy looking pop-up windows.
- Do not buy from sites that you don’t trust. A good idea is to check the credentials of the website. Does it have a PayPal logo? Have you read their security and pay information?